On Mon, Oct 10, 2022 at 10:21:40PM -0700, Junio C Hamano wrote: > Jeff King <peff@xxxxxxxx> writes: > > > There's a tiny leak in this one. Here's a fix that can go on top. > > > > -- >8 -- > > Subject: [PATCH] fsmonitor: fix leak of warning message > > > > The fsm_settings__get_incompatible_msg() function returns an allocated > > string. So we can't pass its result directly to warning(); we must hold > > on to the pointer and free it to avoid a leak. > > > > The leak here is small and fixed size, but Coverity complained, and > > presumably SANITIZE=leaks would eventually. > > > > Signed-off-by: Jeff King <peff@xxxxxxxx> > > --- > > fsmonitor.c | 4 +++- > > 1 file changed, 3 insertions(+), 1 deletion(-) > > Is there anybody else who is reading Coverity reports, I wonder. > This one is a clear positive. I doubt it. My personal fork still has the coverity github-action which I showed last year[1]. We could merge that, but giving access to the project is a minor pain. And of course the full list is full of false positives. One nice thing about coverity is that it marks each defect by date, and tells you how many new ones there are. So when I push up my next+personal branches build, I usually just skim over any new ones it reports. I'd say about 10% of them are actionable. -Peff [1] https://lore.kernel.org/git/YV5dmkkuCqAY2qqG@xxxxxxxxxxxxxxxxxxxxxxx/
